Metered Access

Crain's Detroit Business is a metered site. Print and digital subscribers have unlimited access to stories, but registered users are limited to eight stories every 30 days. After viewing three metered stories, you'll be asked to register or log in. After eight more stories in 30 days, you'll be asked to subscribe.

Twitter’s TweetDeck service resumes after security breach

Twitter Inc. said its TweetDeck tool for organizing and tracking tweets has resumed operation after experiencing a security issue.

The service had earlier been taken down following a breach, the San Francisco-based microblogging company said in a post on its @TweetDeck Twitter account. An earlier tweet said the company had fixed the issue and Twitter later added that it had verified the security bug had been resolved.

Twitter didn’t describe the vulnerability and didn’t immediately respond to a request for further comment.

Numerous companies have been hit by technology security issues recently. Restaurant chain P.F. Chang’s China Bistro Inc. said Tuesday that it was investigating whether it was the target of a data breach. Hackers previously wreaked havoc with Target Corp. and Neiman Marcus Group Ltd., exposing the credit-card data of tens of millions of customers. In March, Sally Beauty Holdings Inc., a seller of hair and beauty products, said data from customers’ payment cards had been illegally accessed and may have been stolen.

TweetDeck, one of the biggest Twitter client programs, which lets people use the microblogging service via another program, was bought by Twitter in May 2011 for about $20 million.

The vulnerability in TweetDeck appeared to be a cross-site scripting bug, or XSS, a common computer programming error that lets hackers inject commands into Web pages and force them to do things they normally wouldn’t, according to security experts. In this case, the most obvious damage was mischief makers exploiting the security hole to post pop-up messages to users’ screens.

Cross-site scripting vulnerabilities can range from serious weaknesses that expose sensitive information to minor flaws that result in harmless annoyances to users. Hackers exposed a similar vulnerability on Twitter in 2010. In that instance, the bug was also used to show harmless pop-up messages on users’ screens.